Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
-
Upload
dhruv-jain -
Category
Documents
-
view
228 -
download
0
Transcript of Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
1/30
Can You Really Trust Hardware?Exploring Security Problems in
Hardware Devices
Joe Grand
Grand Idea Studio, Inc.
The Black Hat Briefings 2005
2 2005 Grand Idea Studio, Inc.
Goals
Become familiar with classes of hardware attacks
Learn from history
Explore prior attacks against hardware products
Gain knowledge to attack/analyze new devices
Understand and accept that hardware-basedsecurity is extremely difficult
Just because it's a hardware product does not meanit's secure
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
2/30
3 2005 Grand Idea Studio, Inc.
Threat Vectors
Interception (or Eavesdropping)
Gain access to protected information withoutopening the product
Interruption (or Fault Generation)
Preventing the product from functioning normally
Modification
Tampering with the product, typically invasive
Fabrication/Man-in-the-Middle
Creating counterfeit assets of a product
4 2005 Grand Idea Studio, Inc.
Attack Goals
Competition (or Cloning)
Specific IP theft to gain marketplace advantage
Theft-of-Service
Obtaining service for free that normally requires $$$
User Authentication (or Spoofing)
Forging a user's identity to gain access to a system
Privilege Escalation (or Feature Unlocking) Gaining increased command of a system or
unlocking hidden/undocumented features
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
3/30
5 2005 Grand Idea Studio, Inc.
Thinking Like An Attacker...
6 2005 Grand Idea Studio, Inc.
Attacks Against...
Access control
Biometrics
Authentication tokens
RFID
Network appliances
Cryptographic accelerators
Wireless access points
Network adapters/NICs
PDAs/Mobile devices
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
4/30
7 2005 Grand Idea Studio, Inc.
Biometrics
Measure and analyze human body characteristicsin order to authenticate identity
Ex.: Fingerprint, hand geometry, eye pattern (iris orretina), facial features, or voice or written signature
Considered more secure than systems that usepasswords, but physical characteristics are hardto keep secret
Ex.: Fingerprint lifted from keyboard, picture can be
taken of a face, voice can be recorded
8 2005 Grand Idea Studio, Inc.
Biometrics 2
Usually composed of two or three components:
Biometric device, application software, back-endserver
Potential problems with storage of characteristicsif not implemented properly
Biometric data could be stolen and/or cloned
Some characteristics can change over time
Ex.: Glaucoma medicine changes retina color and veinpattern, scars on a finger, etc.
If fingerprint is stolen, you only have nine more touse...
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
5/30
9 2005 Grand Idea Studio, Inc.
Biometrics: Fingerprint Cloning
Current biometric fingerprint systems (optical &capacitive) are notoriously simple to bypass
In May 2002, Tsutomu Matsumoto presentedmethods to defeat scanners by using a fakefinger molded out of gelatin http://cryptome.org/gummy.htm
Defeated 11 different fingerprint systems 80% ofthe time
10 2005 Grand Idea Studio, Inc.
Biometrics: Fingerprint Cloning 2
1. Obtained latent fingerprint from a glass
2. Enhanced with cyanoacrylate adhesive (superglue) and photographed with digital camera
3. Edited contrast in Photoshop and printed ontotransparency sheet
4. Use transparency to etch fingerprint onto photo-
sensitive printed circuit board5. Created gelatin finger from circuit board "mold"
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
6/30
11 2005 Grand Idea Studio, Inc.
Biometrics: Fingerprint Cloning 3
Gelatin finger also fools capacitive sensors due tomoisture and resistance characteristics similar toa real human finger
Unlikely that gelatin finger will work on RFfingerprint scanning technologies
Used to image fingerprint structure in lower layers ofskin
12 2005 Grand Idea Studio, Inc.
Authentication Tokens
Used to provide identity in order to gain access toan asset
How do you prove you are who you say you are?
Typically used in combination with a password
Two-factor
Something you know and something you have
Common security-related uses Private data storage (credentials, crypto keys, certs,
passwords)
One-time-password generation
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
7/30
13 2005 Grand Idea Studio, Inc.
USB Authentication Token:
Rainbow iKey 1000 All data stored in easily accessible, unprotected
Serial EEPROM
Can gain full administrator access to device bygenerating a new key based on weak algorithm
"Attacks on and Countermeasures for USB HardwareToken Devices,'' www.grandideastudio.com/files/security/tokens/usb_hardware_token.pdf
14 2005 Grand Idea Studio, Inc.
USB Authentication Token 2:Rainbow iKey 1000
Extremely easy to open with X-ACTO knife Under 30 seconds with no visible damage
Can attach probes to the unpopulated footprintand read the "encapsulated" EEPROM
24LC64 uses I2C bus (serial clock and data)
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
8/30
15 2005 Grand Idea Studio, Inc.
USB Authentication Token 3:
Rainbow iKey 1000
MKEYPassword
Hashed MKEYObfuscated
MKEY
MD5 Encode
Default: "rainbow" 0xCD13B6A6AF66FB77 0xD2DDB960B0D0F499
MKEY (Master Key) serves as administrativepassword (gives full access to device)
256 character ASCII, default = "rainbow"
Hashed MKEY stored at address 0x8
16 2005 Grand Idea Studio, Inc.
USB Authentication Token 4:Rainbow iKey 1000
Byte # 1 2 3 4 5 6 7 8
A, Hashed MKEY value, md5("rainbow") = CD13 B6A6 AF66 FB77
B, Obfuscated MKEY value in EEPROM = D2DD B960 B0D0 F499
B1 = A1 XOR 0x1F
B2 = A2 XOR (A1 + 0x01)
B3 = A3 XOR 0x0F
B4 = A4 XOR (A3 + 0x10)
B5 = A5 XOR 0x1F
B6 = A6 XOR (A5 + 0x07)B7 = A7 XOR 0x0F
B8 = A8 XOR (A7 + 0xF3)
Example: 0xD2 = 0xCD XOR 0x1F
0xDD = 0x13 XOR (0xCD + 0x01) ...
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
9/30
17 2005 Grand Idea Studio, Inc.
USB Authentication Token 5:
Aladdin eToken 3.3.3.x All data stored in easily accessible, unprotected
Serial EEPROM
Can gain full user access to device by rewritinguser PIN with default PIN
"Attacks on and Countermeasures for USB HardwareToken Devices,'' www.grandideastudio.com/files/security/tokens/usb_hardware_token.pdf
18 2005 Grand Idea Studio, Inc.
USB Authentication Token 6:Aladdin eToken 3.3.3.x
Can use heat gun to soften glue around housingand split open with X-ACTO knife
Can attach probes to the EEPROM and read with
standard device programmer Atmel 25640 uses SPI bus (serial clock, data in, data
out)
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
10/30
19 2005 Grand Idea Studio, Inc.
USB Authentication Token 7:
Aladdin eToken 3.3.3.x
Memory map of SerialEEPROM obtained bymodifying eToken data onPC and viewing contentchanges in EEPROM
Common Identifier
User PIN
Administrator PIN
Default PIN
FAT / File SystemHeader Info
Private Data(Encrypted)
Secret Data(Encrypted)
Public Data(Cleartext)
$0000
$1FFF
$0 - $F
$10 - $17
$18 - $1F
$20 - $27
Ranges configuredby administrator
with eToken tools
20 2005 Grand Idea Studio, Inc.
USB Authentication Token 8:Aladdin eToken 3.3.3.x
00 00 001 0 723 5 BAA8 57 78 DE97 B7DD 9F0 1 12 1B 2 7A7 r 5. . Wx. . . . . . . . ' .
000 0002 0 BE74 503 B 37 51 FA74 FFFF FFFF FFFF FFFF . t P; 7Q. t . . . . . . . .
User PIN Admin PIN
Default PIN string
0000 001 0 BE74 503 B 37 51 FA74 B7DD 9F01 121B 27A7 . t P; 7Q. t . . . . . . ' .
0000 002 0 BE74 503 B 37 51 FA74 FFFF FFFF FFFF FFFF . t P; 7Q. t . . . . . . . .
Initial memory dump, User and Admin PINs set to unknown values
Memory dump, after modification, with User PIN now set to default
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
11/30
21 2005 Grand Idea Studio, Inc.
Dallas Semiconductor iButton
Designed to replace barcodes, RFID tags,magnetic stripes, proximity and smart cards
Physical features: Stainless steel, waterproof,rugged, wearable, tamper responsive
1-wire Interface Actually, 2 wires (clock/data and ground)
Parasitically-powered
16kbps (standard) and 142kbps (overdrive)
Unique 64-bit ID (non-secret) for each device
22 2005 Grand Idea Studio, Inc.
iButton: DS1991 MultiKey
1,152 bits of non-volatile memory split into three384-bit (48-byte) containers known as subkeys
Each subkey is protected by an independent 8-byte password
Only the correct password will grant access to thedata stored within each subkey area and returnthe 48-bytes
Incorrect password supposed to return 48-bytes of"random" data
Commonly used for cashless transactions (e.g.,parking meters, public transportation) andaccess control
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
12/30
23 2005 Grand Idea Studio, Inc.
iButton: DS1991 MultiKey 2
Initial experiments with iButton Viewer (part offree iButton-TMEX SDK) showed that "random"response is actually based on input password
24 2005 Grand Idea Studio, Inc.
iButton: DS1991 MultiKey 3
Based on input password and 12kB constantblock
Constant for all DS1991 devices
Can precompute the 48-byte return valueexpected for an incorrect password
If return value does not match, must be the
correct password and subkey data
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
13/30
25 2005 Grand Idea Studio, Inc.
iButton: DS1991 MultiKey 4
For any given character (256 possibilities), aunique 48-byte response is returned from iButton
Created application to set each single-bytepassword and monitor serial port for response
Trial and error to determine how response wasgenerated for longer length passwords
26 2005 Grand Idea Studio, Inc.
Radio Frequency Identification(RFID)
Generic term for non-contacting technologies thatuse radio waves to automatically identify peopleor objects
Has been available for decades, but just nowbecoming popular for mainstream
Robotics navigation, inventory (human?) tracking,
access control, automatic identification, paymentsystems, and car immobilization
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
14/30
27 2005 Grand Idea Studio, Inc.
Radio Frequency Identification
(RFID) 2 Most common use is to store unique serial
number (read-only) on a microchip that isattached to an antenna
Combined antenna and microchip called a"transponder" or "tag"
Typical RFID system contains a reader and oneor more tags
Each tag's unique serial number identifies a specificperson or object
28 2005 Grand Idea Studio, Inc.
Radio Frequency Identification(RFID) 3
Two major tag types:
Passive: No internal power source or transmitter,shorter range
Active: Power source (battery) and transmitter, longerrange
Four typical frequency ranges:
LF (Low Frequency), 125 to 134.2kHz HF (High Frequency), 13.56MHz
UHF (Ultra-High Frequency), 868 to 928MHz
uW (Microwave), 2.45 and 5.8 GHz
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
15/30
29 2005 Grand Idea Studio, Inc.
Radio Frequency Identification
(RFID) 41. Reader's antenna transmits RF energy
2. Energy "harvested" by tag's antenna and usedto power up internal circuitry
3. Tag will modulate electromagnetic wavesgenerated by the reader to transmit data
4. Receiver demodulates waves and converts todigital signal
30 2005 Grand Idea Studio, Inc.
Radio Frequency Identification(RFID) 5
No security between most tag and readertransmissions
If you have a reader for the correct tag family andfrequency, you can communicate with the tag
Trivial to create system to read/write RFID tags Parallax RFID Reader Module, www.parallax.com
Texas Instruments Web Page, www.tiris.com
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
16/30
31 2005 Grand Idea Studio, Inc.
Radio Frequency Identification
(RFID) 6 Cracked challenge/response scheme of Digital
Signature Transponder (DST) tag
Used for Mobil SpeedPass, vehicle immobilizers, etc.
"Analysis of the Texas Instruments DST RFID,"http://rfidanalysis.org
Proprietary cipher (based on 40-bit key) reverseengineered from a single PowerPoint slide
Over 150 million deployed devices are now atrisk and could be cloned or spoofed!
32 2005 Grand Idea Studio, Inc.
Intel NetStructure 7110:Administrator Access
SSL cryptographic accelerator Offloads crypto functions from primary Web server to
increase performance
Standard PC motherboard, Pentium II 333MHz,Rainbow (now SafeNet) CryptoSwift Acceleratorcard
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
17/30
33 2005 Grand Idea Studio, Inc.
Intel NetStructure 7110:
Administrator Access 2 Serial port-based management console on front
of unit
Can be compromised to allow supervisor access "Intel NetStructure Backdoors," www.atstake.com/research/advisories/2000/ipivot7110.html
"HPYN 2nd ed.: Hardware Hacking" chapter excerpt,www.grandideastudio.com/files/books/
hpyn2e_chapter14.pdf
34 2005 Grand Idea Studio, Inc.
Intel NetStructure 7110:Administrator Access 3
1. Opened the unit
2. Retrieved filesystem
Stored on 32MB CompactFlash card
3. Examined filesystem
Used stringsto determine BSD-flavor of Unix
4. Mounted filesystem on extra machine5. Discovered password generator
Supervisor password based on MAC address of unit
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
18/30
35 2005 Grand Idea Studio, Inc.
Intel NetStructure 7110:
Administrator Access 4 Based on standard PC architecture
Filesystem easily retrievable and mountable
Executables compiled with debug symbols
Homebrew crypto routines extremely weak
36 2005 Grand Idea Studio, Inc.
Cisco Router:Configuration Password
Three types of password
Type 0: Plaintext
Type 5: MD5 hash
Type 7: "Encrypted"
Encrypted password stored on router
Stored in NVRAM and can be retrieved from
configuration settings
Passwords of type 7 encoded by XORingplaintext against constant value
www.alcrypto.co.uk/cisco among others
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
19/30
37 2005 Grand Idea Studio, Inc.
Cisco Router:
Configuration Password 2
0 8 E2 0 4 = ab
offset 1stchar.
2ndchar.
Constant
"tfd;kfoA,.iyewrkldJKD"
Ex.:
38 2005 Grand Idea Studio, Inc.
IBM 4758 Secure CryptographicCoprocessor
Likely the most recognized, commerciallyavailable secure coprocessor system
A protected hardware subsystem designed to executesensitive functions in a trusted manner
FIPS-140 Level 4 tamper responsive device withhardware cryptographic support and physical tamper
protection Also random number generation, authentication,
general-purpose processor/coprocessor, etc.
Commonly used in financial and bankingtransactions
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
20/30
39 2005 Grand Idea Studio, Inc.
IBM 4758 Secure Cryptographic
Coprocessor 2 In 2001, First known attack against IBM 4758 by
taking advantage of a flaw in the AutomatedTeller Machine "Common CryptographicArchitecture" support software
"Extracting a 3DES key from an IBM 4758,"www.cl.cam.ac.uk/~rnc1/descrack
Can export all of the program's DES/3DES keys
Ex.: Communications Key, Pin Derivation Key, andImporter/Exporter Keys
40 2005 Grand Idea Studio, Inc.
IBM 4758 Secure CryptographicCoprocessor 3
Performed by an insider with physical access anda $995 Altera FPGA Development Board
As of February 2002, new version (2.41) of CCA fixesproblems
Even though hardware was strong, software wasable to be compromised, thus breaking the whole
system
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
21/30
41 2005 Grand Idea Studio, Inc.
Wireless Access Points:
Dell TrueMobile 1184 One of many broadband access point/routers
Device based on vLinux distribution www.onsoftwarei.com/product_vlinux.htm
"Hardware Hacking: Have Fun While Voiding YourWarranty" Wireless Hacks chapter
Port scan reveals open ports 80, 333, 1863,1864, 4443, 5190, 5566
42 2005 Grand Idea Studio, Inc.
Wireless Access Points 2:Dell TrueMobile 1184
Can telnetinto port 333 with default password togain complete control of the device
username: root, password: admin
No special hardware tools or reprogramming isnecessary
Many devices running Linux which can makehacking/experimentation easier www.linuxdevices.com
www.ucdot.org
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
22/30
43 2005 Grand Idea Studio, Inc.
NIC MAC Address Cloning
MAC (Media Access Control) Address oftenstored in easily reprogrammable Serial EEPROM www.grandideastudio.com/files/security/general/mac_address_cloning.pdf
Cloning could be used to bypass copy protection,gain access to MAC-filtered networks, etc.
MAC = 6-byte value First 3 bytes = Manufacturer
Second 3 bytes = "Unique" serial number
Depending on the NIC, other configuration dataalso accessible
Ex.: I/O base address, interrupt type, checksum
44 2005 Grand Idea Studio, Inc.
NIC MAC Address Cloning 2
Can sometimes be changed in software No hardware tampering needed!
SunOS: ifconfig
SPARC: set in NVRAM with prom-monitor
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
23/30
45 2005 Grand Idea Studio, Inc.
Business often mixed with personal
Most devices have no security framework
No access control or data/memory protection
Existing security mechanisms are weak and/or flawed
"Always on" technologies leave device open tothe world...all the time
Ex.: WiFi, Bluetooth, IR, etc.
External memory cards Some devices load apps automatically upon insertion
Easy to steal
Mobile Devices:
Current Risks
46 2005 Grand Idea Studio, Inc.
Max. 32 characters ASCII
Reversible obfuscation method (XOR againstconstant)
Palm OS Password Retrieval and Decoding,www.grandideastudio.com/files/security/mobile/palm_password_decoding_advisory.txt
Can retrieve password/hash: During HotSync operation (IR, Serial, Network)
On Palm: Unsaved Preferences database
On host PC: \Palm\users.dat
On host Mac: Palm:Users:Palm Users
Mobile Devices:Palm OS < 4.0 Password Retrieval
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
24/30
47 2005 Grand Idea Studio, Inc.
Max. 32 characters ASCII
Encoded block is 128-bit MD5 hash (notreversible)
Dictionary attack still possible using commonwords
Take advantage of short passwords
Mobile Devices:
Palm OS >= 4.0 Password Retrieval
48 2005 Grand Idea Studio, Inc.
Mobile Devices:Palm OS Backdoor Debug Mode
Exists for debugging during app development
Can install/delete/run apps, view raw memory,hard reset, export databases
Can use to bypass System Lockout functionality(OS < 4.0)
www.grandideastudio.com/files/security/mobile/palm_backdoor_debug_advisory.txt
No notification of activity is evident on device
Can use pddor PDA Seizureto create exactforensic image of data
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
25/30
49 2005 Grand Idea Studio, Inc.
ActiveSync used for all communication betweenPC and device
Available through serial, USB, IR, TCP/IP,Bluetooth
Reversible obfuscation method (XOR againstconstant)
Can retrieve password/hash: In host PC registry: HKEY_CURRENT_USER\Software\Microsoft\Windows Ce Services\Partners
Mobile Devices:
Pocket PC Password Retrieval
50 2005 Grand Idea Studio, Inc.
On some devices, 4-digit PIN used forauthentication can be manually brute-forced
Pocket PC registry accessible by any user on thedevice
PHM Registry Editor, www.phm.lu/Products/PocketPC/RegEdit
Ex.: PPP network passwords stored in plaintext Can change Control Panel Applet (cpl) entry in
registry to redirect password screen Microsoft "Let Me In" example, Q314989
Mobile Devices:Pocket PC Password Retrieval 2
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
26/30
51 2005 Grand Idea Studio, Inc.
Exists for debugging during app development
Provides remote debugging and device access toWindows CE / Pocket PC
Developer's documentation publicly available
Uses ActiveSync protocol
Can access Pocket PC registry, install/delete/runapps, export databases
Mobile Devices:
Visual Studio .Net Debugger
52 2005 Grand Idea Studio, Inc.
Allows access to a device without passing anyaccess controls http://forum.xda-developers.com
Provides a detailed debugging and diagnosticsinterface through sync port
Special mode to recognize diagnostic external
memory cards and can execute code directly fromthem
Mobile Devices:Pocket PC Phone Edition
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
27/30
53 2005 Grand Idea Studio, Inc.
Mobile Devices:
Pocket PC/XDA Bootloader
Source: "The Phone in the PDA," Job de Haas, Black Hat Amsterdam 2003
54 2005 Grand Idea Studio, Inc.
Chip Decapping and Die Analysis
Attacker can visually recreate contents or modify die(Ex.: to obtain crypto key or remove security bit)
Tools: Chip Decappers, Scanning Electron Microscope,Voltage Contrast Microscopy, Focused Ion Beam
Advanced Attack Methods
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
28/30
55 2005 Grand Idea Studio, Inc.
X-Ray
Attacker can bypass any encapsulation methods todetermine inner bus structures and circuitconfigurations
"How to Crack a Pac Man Plus!,"www.multigame.com/pacplus.html
Advanced Attack Methods 2
56 2005 Grand Idea Studio, Inc.
Common Hardware DesignProblems
Most/many engineers not familiar with security
No anti-tamper mechanisms used
Easy to open up product and probe circuitry
Many products based on publicly-availablereference designs
Components easy to identify
Circuitry can easily be reverse engineered
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
29/30
57 2005 Grand Idea Studio, Inc.
Common Hardware Design
Problems 2
Improper protection of external memory
Most memory is notoriously insecure
Serial EEPROMs can be read in-circuit
SRAM-based FPGA configuration can be sniffed
"Security through obscurity" still practiced
Hiding something does not make the problem go away
58 2005 Grand Idea Studio, Inc.
Conclusions
Even though technology has advanced, sameclasses of problems still plague hardware
Most, if not all, hardware solutions are open toattack
Hardware is usually inherently trusted
Black box != security
Blindly trusting hardware leads to a false sense ofsecurity
Hardware is not voodoo
-
8/7/2019 Can You Really Trust Hardware - Exploring Security Problems in Hardware Devices by Joe Grand
30/30
Joe GrandGrand Idea Studio, Inc.
www.grandideastudio.com
Thanks!